Skip to main content

Micronaut

3 CVEs product

Monthly

CVE-2024-23639 Maven HIGH PATCH This Week

Micronaut Framework is a modern, JVM-based, full stack Java framework designed for building modular, easily testable JVM applications with support for Java, Kotlin and the Groovy language. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Java Information Disclosure Micronaut
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-32769 Maven HIGH POC PATCH This Week

Micronaut is a JVM-based, full stack Java framework designed for building JVM applications. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Java Micronaut
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-7611 Maven CRITICAL POC PATCH Act Now

All versions of io.micronaut:micronaut-http-client before 1.2.11 and all versions from 1.3.0 before 1.3.2 are vulnerable to HTTP Request Header Injection due to not validating request headers passed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Request Smuggling Code Injection Micronaut
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Micronaut Framework is a modern, JVM-based, full stack Java framework designed for building modular, easily testable JVM applications with support for Java, Kotlin and the Groovy language. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Java Information Disclosure Micronaut
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

Micronaut is a JVM-based, full stack Java framework designed for building JVM applications. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Java Micronaut
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

All versions of io.micronaut:micronaut-http-client before 1.2.11 and all versions from 1.3.0 before 1.3.2 are vulnerable to HTTP Request Header Injection due to not validating request headers passed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Request Smuggling Code Injection Micronaut
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy